By Paul Kenyon, EVP, Avecto
The evidence for a proactive approach to security is compelling. Attacks are bypassing our historic defenses –antivirus, the firewalls, the intrusion detection systems. Once in, a piece of malware typically stays on the systems for almost a year on average, undetected. We’re blind too – 67% of attacks are discovered externally.
But what can be done?
When traditional security solutions such as antivirus effective just half of the time, a proactive approach is needed for defending the endpoint.
Many IT managers and CIOs can be defeatist and believe that prevention is not possible. But focus on preventing as much as possible to stop malware at the endpoint, and technologies like privilege management, application control and sandboxing can genuinely eliminate the vast majority of threats.
This layered defence in depth approach works by preventing the risk of vulnerabilities by taking away admin rights and run all users as standard users. It might sound like an IT helpdesk nightmare but call upon software which can assign privileges to applications, tasks, scripts and content – not users – and you’ll provide huge protection for the operating system. The removal of admin rights would have mitigated 97% of known Microsoft vulnerabilities in 2014.
Then, block unknown and prevent untrusted applications (and therefore malware) from executing. Application whitelisting is an easy way to start. On an application level this means that known apps are good and can be allowed, unknown apps are bad and can be blocked. SANS and the Council on Cyber Security list application control as the most essential strategy for mitigating threats, based on real-world data.
Finally, add a last line of defence with sandboxing to contain and isolate any online threats from the internet browser or document downloads.
A proactive defence in depth solution
Wick Hill has strengthened its security portfolio as the appointed UK VAD for award-winning, endpoint security company Avecto.
Defendpoint by Avecto is a security software solution that makes prevention possible. For the first time, it uniquely integrates three proactive technologies to stop malware at the endpoint.
The combination of Privilege Management, Application Control and Sandboxing in a single suite solution finally allows global organizations to improve security while ensuring a positive user experience across Windows and OSX.
It allows you to create a solid security foundation by removing admin rights from all users while empowering them to perform their day to day job roles by instead assigning privileges directly to applications, tasks, scripts and content.
With pragmatic application whitelisting rules, known and trusted applications are elevated automatically, while untrusted applications are blocked with comprehensive options for managing exceptions. Sandboxing adds a final layer of defense, isolating the web browser and downloaded content to contain any threats that originate online.
With Defendpoint allowing you to build a simple yet effective defense in depth strategy, prevention is possible.
For more information about Avecto and Defendpoint, visit our vendor page: www.wickhill.com/avecto